giamex.es Cross Site Scripting vulnerability OBB-3931511

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

dolnyslask.travel Cross Site Scripting vulnerability OBB-3874051

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

office.stadtwerke-herne.de Cross Site Scripting vulnerability OBB-3479462

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2020-11991

Apache Cocoon 2.1.12 is vulnerable to XML injection via the StreamGenerator when parsing user-supplied XML containing external entities. This can allow reading arbitrary files on the server. The connected template explicitly notes the issue and recommends upgrading to Apache Cocoon 2.1.13 or late...

CVE-2005-4890

There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process...

sei.londrina.pr.gov.br Cross Site Scripting vulnerability

Security Researcher Gh05tPT Helped patch 6858 vulnerabilities Received 10 Coordinated Disclosure badges Received 48 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting sei.londrina.pr.gov.br website and its users. Following...

Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (meta)

No description provided by source. This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artisti...

FOSS Gallery Public 1.0 - Arbitrary File Upload (PoC)

FOSS Gallery Public 1.0 - Arbitrary File Upload PoC -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= FOSS Gallery Public Version eNYe-Sec - www.enye-sec.org -- Bug -- Website doesn't check the images format and you can upload PHP files. -- Exploit --...